CVE-2022-3810: Axiomatic Bento4 mp42hevc Mp42Hevc.cpp AP4_File denial of service
First published: Tue Nov 01 2022(Updated: )
A vulnerability was found in Axiomatic Bento4. It has been classified as problematic. This affects the function AP4_File::AP4_File of the file Mp42Hevc.cpp of the component mp42hevc. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212667.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Axiosys Bento4 | <=1.6.0-639 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-3810?
The severity of CVE-2022-3810 is medium with a CVSS score of 6.5.
What is the affected software of CVE-2022-3810?
The affected software of CVE-2022-3810 is Axiosys Bento4 version 1.6.0-639.
How does CVE-2022-3810 affect the software?
CVE-2022-3810 affects the software by causing a denial of service due to a manipulation in the AP4_File::AP4_File function of the Mp42Hevc.cpp file in the mp42hevc component.
Can CVE-2022-3810 be exploited remotely?
Yes, CVE-2022-3810 can be exploited remotely.
Is there a proof-of-concept available for CVE-2022-3810?
Yes, a proof-of-concept is available for CVE-2022-3810. You can find it [here](https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip).
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/title
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/axiosys
- canonical/axiosys bento4
- version/axiosys bento4/1.6.0-639